Midnight Blizzard Targets European Diplomats with Wine Tasting Phishing Lure
Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes, according to Check Point
Information Security Magazine
NTLM Hash Exploit Targets Poland and Romania Days After Patch
4 days 15 hours ago
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild
Senators Urge Cyber-Threat Sharing Law Extension Before Deadline
4 days 16 hours ago
Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years
Identity Attacks Now Comprise a Third of Intrusions
4 days 21 hours ago
IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse
Microsoft Thwarts $4bn in Fraud Attempts
4 days 21 hours ago
Microsoft has blocked fraud worth $4bn as threat actors ramp up AI use
CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension
4 days 22 hours ago
MITRE will be able to keep running the CVE program for at least the next 11 months
Network Edge Devices the Biggest Entry Point for Attacks on SMBs
4 days 22 hours ago
Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacted SMBs in 2024
ICO Issues Merseyside-Based Law Firm £60,000 Fine After Cyber-Attack
4 days 23 hours ago
A UK Law firm has been fined £60,000 after data stolen during a 2022 cyber-attack was published on the dark web
Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack
5 days 16 hours ago
Hertz has confirmed a data breach exposing customer data after a zero-day attack targeting file transfer software from Cleo Communications
China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses
5 days 17 hours ago
NVISO discovered new variants of the BRICKSTORM backdoor, initially designed for Linux, on Windows systems
92% of Mobile Apps Found to Use Insecure Cryptographic Methods
5 days 18 hours ago
Study reveals 92% of mobile apps use insecure cryptographic methods, exposing millions to data risks
Scalper Bots Fueling DVSA Driving Test Black Market
5 days 21 hours ago
DataDome warns that DYI bots are snapping up driving test places en masse
Chaos Reigns as MITRE Set to Cease CVE and CWE Operations
5 days 22 hours ago
Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database
North Korean Hackers Exploit LinkedIn to Infect Crypto Developers with Infostealers
6 days 16 hours ago
Posing as potential employers, Slow Pisces hackers conceal malware in coding challenges sent to cryptocurrency developers on LinkedIn
Compliance Now Biggest Cyber Challenge for UK Financial Services
6 days 19 hours ago
Regulatory compliance and data protection were the biggest cybersecurity challenges cited by UK financial organizations, according to a Bridewell survey
Bot Traffic Overtakes Human Activity as Threat Actors Turn to AI
6 days 20 hours ago
Thales report reveals bots now account for 51% of all web traffic, surpassing human activity
Organizations Found to Address Only 21% of GenAI-Related Vulnerabilities
6 days 20 hours ago
Pentesting firm Cobalt has found that organizations fix less than half of exploited vulnerabilities, with just 21% of generative AI flaws addressed
LabHost Phishing Mastermind Sentenced to 8.5 Years
6 days 21 hours ago
A UK man has been sentenced to over eight years for masterminding £100m phishing platform LabHost
Major WordPress Plugin Flaw Exploited in Under 4 Hours
1 week ago
Flaw in SureTriggers plugin allows unauthenticated users to create admin accounts on WordPress sites
Prodaft Offers "No Judgment" Deal to Buy Dark Web Accounts from Cybercrime Forum Users
1 week ago
Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities
Checked
4 hours 8 minutes ago